Enable job alerts via email!
Senior Microsoft Sentinel / SIEM Engineer
Cloud Decisions
United Kingdom
Remote
GBP 63,000 - 75,000
Full time
Boost your interview chances
Job summary
A leading company in cybersecurity seeks a Senior Microsoft Sentinel / SIEM Engineer for a fully remote position in the UK. In this role, you will contribute to forefront cybersecurity efforts involving nation-state threat actors. Successful candidates will thrive in dynamic environments and possess substantial experience with Microsoft Sentinel integrations.
Benefits
Qualifications
- Experience with Microsoft Sentinel integrations at enterprise level.
- Understanding of security telemetry across various layers.
- Experience in SIEM content development including KQL.
Responsibilities
- Own and optimize log onboarding into Microsoft Sentinel.
- Enhance custom Function Apps and ingestion pipelines.
- Partner with IR teams on real attacks for tuning detection rules.
Skills
Tools
Job description
2 days ago Be among the first 25 applicants
Get AI-powered advice on this job and more exclusive features.
This range is provided by Cloud Decisions. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.
Direct message the job poster from Cloud Decisions
Job Title:
To £75,000 + Benefits + Microsoft
Fully Remote, UK
(*Global Microsoft Managed MISA Partner
+ complex Sentinel Engineering/Integration)
The Opportunity
This is a standout opportunity for a Microsoft Sentinel expert to step into a high-impact, technically advanced role with a global security Microsoft powerhouse.
You'll be joining a Microsoft managed global partner, a prominent MISA member, a team with Security MVP's and a Microsoft Verified Safe XDR Solution Partner, and a trusted Security Depth Partner.
In short giving you unparalleled access to Microsoft’s security product roadmap, security previews, and frontline support.
You'll work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering that will stretch your skills, give you opportunity to ingest complex logs from a mass of cloud and data sources and the chance to learn these as you go.
The Role
You'll own and optimise enterprise-wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response.
- Log ingestion at scale across numerous hybrid and multi-cloud environments
- Enhance custom Function Apps and ingestion pipelines
- Parse, normalise, and optimise log telemetry to ensure precision and cost control
- Partner with IR teams on real attacks – tuning rules against live threat actor activity
- Sync closely with Microsoft teams to build cutting-edge detection capabilities
- Contribute to internal knowledge base and help shape engineering standards
What's needed?
- Experience building and integrating complex Microsoft Sentinel at SMC and enterprise
- Understanding of security telemetry across identity, endpoint, cloud, and network layers
- Experience in SIEM content development, including KQL, analytics rules, and custom data connectors
- Scripting and engineering skills – Python, PowerShell, APIs, Function Apps
- A background in cyber threat detection, incident response or DFIR is a real plus
- Comfortable working in very fast-moving, customer facing delivery environments
The Technical Shizzle:
- PowerShell, Python, REST APIs
- Log ingestion and parsing across multi platforms (Azure/AWS/GCP, M365, Defender, Entra, Copilot, Carbon Black, Okta + Tier 1 Network vendors)
- MITRE ATT&CK, threat detection frameworks, IOC enrichment
- Ability to go and work things out is crucial
- Sentinel/Log Analytics Cost Management and Data Optimisation
What’s In It for You?
- Direct access to Microsoft Sentinel product teams and early feature previews
- Deep involvement in real-world nation-state attack detection
- Huge opportunity to stretch and sharpen you Sentinel mastery
- Be part of a Microsoft Security elite MISA and Depth partner
- Exposure to multi-cloud detection and advanced security automation
- Fully remote, highly flexible work culture with global team collaboration
- Recognition, career progression and growth all within a global Microsoft specialist and respected security consultancy
- Seniority levelNot Applicable
- Employment typeFull-time
- Job functionInformation Technology
- IndustriesIT Services and IT Consulting, Computer and Network Security, and Professional Services
Referrals increase your chances of interviewing at Cloud Decisions by 2x
Get notified about new Microsoft Specialist jobs in United Kingdom.
London, England, United Kingdom 4 days ago
London, England, United Kingdom 1 week ago
Brighton, England, United Kingdom 1 week ago
Nottingham, England, United Kingdom 3 months ago
Greater London, England, United Kingdom 1 month ago
Coventry, England, United Kingdom 3 months ago
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
